Intelligent CISO Issue 09 | Page 24

threat updates GLOBAL Marriott International announced details of a cyberattack which compromised the data of millions of customers in its Starwood guest reservation database. The company said an investigation had determined there was unauthorised access to the database, which contained guest information relating to reservations at Starwood properties on or before September 10, 2018. Up to 500 million customers could have been affected – with the possibility that payment card information was also exposed – and there had been unauthorised access to the Starwood network since 2014. NORTH AMERICA Two Iranian men were charged for the alleged deployment of malicious software known as SamSam which infected more than 200 victims – mainly in the US and Canada. The pair are charged with one count of conspiracy to commit wire fraud, one count of conspiracy to commit fraud and related activity in connection with computers, two substantive counts of intentional damage to a protected computer and two substantive counts of transmitting a demand in relation to damaging a protected computer. In a statement, the company said: “Marriott deeply regrets this incident happened. From the start, we moved quickly to contain the incident and conduct a thorough investigation with the assistance of leading security experts.” 24 Issue 09 | www.intelligentciso.com